CVE-2024-0577 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setLanguageCfg lang stack-based overflow

Posted by Angelo Barbosa | Jan 16, 2024 | CVE

A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-based buffer overflow.

The identification of this vulnerability is CVE-2024-0577. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0577 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setLanguageCfg lang stack-based overflow

Related Posts

CVE-2024-0528 | CXBSoft Post-Office 1.0 HTTP POST Request update_go.php version sql injection

CVE-2021-47202 | Linux Kernel up to 5.4.209/5.10.80/5.14.20/5.15.3 thermal of_parse_thermal_zones null pointer dereference

CVE-2024-22142 | Cozmoslabs Profile Builder Pro Plugin up to 3.10.0 on WordPress cross site scripting

CVE-2024-0880 | Qidianbang qdbcrm 1.1.0 Password Reset /user/edit cross-site request forgery